Forwarded from: hobbitat_private (*Hobbit*) Warchalking, ... can be accessed freely, has been blasted as theft. What total rot. What if a company with a large campus provided a bunch of bicycles for employees to quickly get between buildings, and some outsiders came in and occasionally "borrowed" a few bicycles for their own uses? Would the company have a leg to stand on if it didn't take even a *token* step to limit usability of said bicycles to employees only? [I don't know, some sort of simple permanently-affixed lock to prevent wheel rotation that staff is given a key for would suffice.] What if the bicycles are a wireless cloud, and the common key is WEP, that makes the simple statement that "the resource is really for authorized employee use only and we'd really rather not have you muckin' about with it if you don't work here?" Not particularly hard to defeat, but is just enough to keep the honest people in line with the caveat that their data isn't *private* unless they also use some kind of end-to-end encryption. Additional messages about usage can be sent by blocking tcp 25 outbound -- again, not hard to get around, but requires that someone perform an obvious act of subterfuge to do so. If such measures are cheap to implement and go a long way toward limiting the perceived risk of a completely open environment, why would the company spend all its time going around publicly blustering about "theft" instead of simply using the token locking mechanisms? Cripes. *Nokia*, of all outfits, should know better. The thing *I* don't understand about warchalking is that it would seem much easier to just re-sniff the air yourself than to run around looking for faded chalk marks on the front of a building, and then trying to interpret what exactly the last passing hobo meant by it. What's the point, when you can tell exactly what's up from a block away instead of parading back and forth in front of the building's security guard staring at the walls? "War" is about *not* making it obvious what you're up to. _H* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Sep 20 2002 - 02:12:01 PDT